v0.5.0

• add: contextualizer selection for the locator skills — /skill-engine:{discover,refresh,status,self-audit,new-reference} <name> names which contextualizer to operate on, unblocking multi-contextualizer installs that previously hard-stopped on ambiguity (plugin/skill-engine/skills/*/SKILL.md).
• add: an error run outcome in the eval harness for CLI-invocation failures, excluded from the pass-vs-fail vote in both the renderer and the HTML viewer so an expired token reads as runner trouble rather than a routing regression; the harness exits 70 when every run errored, and pass detection is scoped to Read tool_use so catalog text flowing through a transcript cannot false-pass (plugin/skill-engine/engine-bootstrap-templates/eval/).
• add: a live-tree gate in apply — promotion halts when a live file's hash no longer matches the manifest's sha_before, so a stale proposal cannot silently revert edits that landed after staging, such as approved self-audit fixes (plugin/skill-engine/skills/apply/SKILL.md).
• add: make ci-local (scripts/ci-local.sh) as the single validator entry point shared by CI, the Makefile, and /release — one check inventory with no transcribed job lists to drift; in CI a missing check-jsonschema fails loud instead of green-skipping the schema gates (scripts/ci-local.sh, .github/workflows/{lint,security}.yml, Makefile).
• change: the clone cache is unified on the kind-partitioned layout everywhere it is taught, with the doctrine lint extended from skills to docs and the README so the flat path cannot reappear unmarked (plugin/skill-engine/docs/, plugin/skill-engine/tests/doctrine.sh).
• change: stamped *.sh.template files are now covered by shellcheck and the doctrine curl lint; the curl allowlist is comment-safe and accepts -I anywhere in a flag cluster, and the source-paths schema is tested against verify.sh for equivalence via negative fixtures (plugin/skill-engine/tests/doctrine.sh, scripts/ci-local.sh).
• change: CI toolchain versions are pinned for reproducible runs (.github/workflows/).
• fix: the shared locator block no longer dies silently under pipefail when no contextualizer matches — the zero-match diagnostics ("Run /skill-engine:engine-bootstrap first.") actually print (plugin/skill-engine/skills/{discover,refresh,status,self-audit,new-reference,using-skill-engine}/SKILL.md).
• fix: eval-pipeline robustness — an interrupted harness run exits 130 instead of publishing a corrupt results file, pass detection cannot record a SIGPIPE false fail on Read-heavy transcripts, and the renderer handles any runs-per-query count instead of silently dropping runs past the third (plugin/skill-engine/engine-bootstrap-templates/eval/).
• fix: the engine-bootstrap overwrite guard triggers on any existing contextualizer files, not only a parseable state marker, so a corrupt marker cannot bypass it (plugin/skill-engine/skills/engine-bootstrap/SKILL.md).
• fix: docs reconciled to shipped behavior — the quickstart gained the review/apply promotion step required since the v0.3.0 staging gate, 12-evaluation.md documents the error outcome and the jq requirement, issue templates and broken links repaired, and prose counts swept (plugin/skill-engine/docs/, .github/ISSUE_TEMPLATE/).
• remove: the stale worker-agent stratum (agents/worker-{refresh,verify}.md) retired in favor of goal-given delegation, with the templates README rewritten to match what actually ships (plugin/skill-engine/agents/, plugin/skill-engine/engine-bootstrap-templates/README.md).

v0.4.0

[0.4.0] - 2026-06-03

• add: a JSON Schema for source-paths.json plus a check-jsonschema CI gate that meta-validates the schema and validates the bootstrap template and every bundled example against it. The schema transcribes the contract verify.sh Check 1/2 enforce, including its null/empty-string-as-absent reading of optional cross-axis fields (plugin/skill-engine/engine-bootstrap-templates/source-paths.schema.json, .github/workflows/lint.yml).
• add: a grounded-citation eval corpus for the MCP example and a keyless grounded_rate.py --dry-run CI gate that validates each example's eval-prompts.json without calling the API (examples/modelcontextprotocol-python-sdk-context/research/{eval-prompts.json,eval-results.md}, .github/workflows/lint.yml).
• change: the navigator's default Claims policy now requires an inline SHA-pinned permalink on every load-bearing claim — the behavior the grounded-citation eval measures — propagated to both navigator templates, all three examples, and the artifact contract (plugin/skill-engine/engine-bootstrap-templates/navigator*.md.template, examples/*/SKILL.md, plugin/skill-engine/docs/02-artifact-contract.md).
• change: harden the clone-to-cache flow — git ls-remote / clone calls carry the -- argument terminator across engine-bootstrap, discover, and refresh, and the clone path additionally guards the source_id and skips an unsafe id or an empty resolved SHA rather than aborting the run (plugin/skill-engine/skills/{engine-bootstrap,discover,refresh}/SKILL.md).
• change: make the verify.sh catalog/skill-json comment-strip robust to inline and multi-line HTML comments via a shared strip_md_comments awk helper (kept byte-identical across the four copies), with a new verify-bijection suite pinning the behavior (plugin/skill-engine/engine-bootstrap-templates/verify.sh, examples/*/verify.sh, plugin/skill-engine/tests/verify-bijection/run.sh).
• change: run each bundled example through verify.sh, a strict permalink-density floor, and the grounded-rate dry-run in CI, and tighten the skill-content-eval semgrep rule to match real eval calls rather than "eval (parenthetical)" prose (.github/workflows/lint.yml, .semgrep/skill-content.yml, plugin/skill-engine/tests/permalink_density.py).
• change: document the per-contextualizer CLI as an optional pattern rather than a generated surface, and reframe the README hero around auditable/offline grounding instead of a base-model comparison (README.md, CAPABILITIES.md, plugin/skill-engine/docs/{04-delivery,05-invariants,06-release-doctrine}.md).
• fix: correct doc claims that had drifted from the shipped code — verify.sh's actual enforcement surface, the coverage-testing figures, the navigator body section list, and the schema / version-sync cross-references (plugin/skill-engine/docs/{02-artifact-contract,05-invariants,13-coverage-testing}.md, plugin/skill-engine/engine-bootstrap-templates/release-command.md.template).

v0.3.0

• add: reviewer-in-the-loop promotion flow — DISCOVER and REFRESH now stage into <slug>-context.proposed/ instead of writing the live contextualizer, and three new commands (/skill-engine:review, /skill-engine:apply, /skill-engine:discard) gate promotion behind a recorded REVIEW.md sign-off, so no engine run mutates a published index without explicit approval (plugin/skill-engine/skills/{review,apply,discard,discover,refresh}/SKILL.md, plugin/skill-engine/engine-bootstrap-templates/REVIEW.md.template).
• add: coverage-testing instruments wired into SELF-AUDIT — Check 7 (paragraph→permalink density, a free bash-local lint) and Check 8 (grounded-citation rate, an opt-in Anthropic-API runner), both defaulting to a ≥80% threshold, so contextualizer grounding is measured rather than assumed (plugin/skill-engine/docs/13-coverage-testing.md, plugin/skill-engine/tests/{permalink_density.py,grounded_rate.py}, plugin/skill-engine/skills/self-audit/SKILL.md).
• add: security-scan CI and hooks audit — a new security.yml workflow runs bandit + semgrep + shellcheck (gating on HIGH/CRITICAL, SARIF to the Security tab), and make hooks-audit plus its mirror workflow assert the bundled .claude/settings.json ships zero hooks and the manifest declares only the single SessionStart bootstrap hook (.github/workflows/{security,hooks-audit}.yml, Makefile, .semgrep/, plugin/skill-engine/tests/hooks-audit.sh).
• add: guardrails-contract chapter in SECURITY.md spelling out the engine's safety model — what it checks, what it does not promise, and the one hook it ships — plus a sandbox-block detection check that fails fast when the engine cannot honor a requested mode (SECURITY.md).
• change: reference files now carry NO YAML frontmatter — verify.sh inverts its frontmatter check so name:/description: are scoped to the navigator SKILL.md only (matching Anthropic's canonical Agent Skills practice); a reference whose first non-blank line is --- now fails (plugin/skill-engine/engine-bootstrap-templates/verify.sh, plugin/skill-engine/docs/02-artifact-contract.md).
• change: README rewritten around a load-bearing-capability lede with a worked Safety Model section (mermaid diagram), and the Flask placeholder replaced by three real bundled examples — modelcontextprotocol-python-sdk-context, langchain-context, and the multi-source inspect-ai-context (README.md, examples/).
• change: CI lint gains permalink-density and grounded-rate test jobs, and a git.readonly doctrine lint asserts the engine never runs mutating git on the user's behalf (.github/workflows/lint.yml, plugin/skill-engine/tests/{permalink-density,grounded-rate}/run.sh, plugin/skill-engine/tests/doctrine.sh).
• add: config-set command for engine configuration and a dependabot config for GitHub Actions version tracking (plugin/skill-engine/skills/config-set/SKILL.md, .github/dependabot.yml).
• remove: the fictional persona gallery (docs/personas/) retired in favor of evidence-shaped docs/case-studies/ (the legacy-rescue story plus a truth-contract and submission issue template) and docs/usage-modes.md orientation prose — the project speaks through real examples, not invented people (docs/case-studies/, docs/usage-modes.md, .github/ISSUE_TEMPLATE/case-study.md).

v0.2.1

• fix: engine-bootstrap was silently miscategorizing every documentation-site URL as kind: external-doc because the v0.2.0 web-doc rollout updated the artifact contract, validator, and Step 3.6 crawl flow but missed the upstream Step 1 intake classifier. URL inputs now correctly route to kind: web-doc with default crawl_mode: sitemap — the bare-GitHub-org guardrail, repo/doc disambiguator, Step 2 slug rule, and Step 3 stamping all carry the rename (plugin/skill-engine/skills/engine-bootstrap/SKILL.md).
• add: verify.sh now enforces a per-kind url/path matrix at the schema check — git-managed and web-doc require url, external-doc and local-path require path, and the three strict kinds reject the wrong-axis field. Defense-in-depth so a hand-edited malformed entry no longer slips through unrejected (plugin/skill-engine/engine-bootstrap-templates/verify.sh).
• change: rename ### External-doc sources on source-paths.json to ### \kind: "external-doc"`for symmetry with the siblingkind: "web-doc" heading, and fix the one cross-reference that pointed at the old anchor (plugin/skill-engine/docs/02-artifact-contract.md, plugin/skill-engine/docs/09-discover-config.md`).
• add: three web-doc test fixtures pinning the post-fix bootstrap stamp shape and both validator-rejected shapes (external-doc missing path; external-doc carrying a url) (plugin/skill-engine/tests/web-doc/fixtures/).

v0.2.0

v0.2.0